This seems a pretty compelling opportunity! You seem like legitimate researchers and like you have a serious shot at getting a bunch of attention on this work. I agree that getting more attention on this kind of thing seems good for more policy energy regarding AI and it seems like travel funding will help with this. I funded this to a bit over the requested $3000, I'm open to pitches for the full $5000 being useful. Good luck!
2
AI scam research targeting seniors
Project summary
We’re seeking $3,000 to support our research on spear-phishing and AI-driven scams with a focus on elderly participants. Our research demonstrates how AI systems can be leveraged to create persuasive scam messages targeting older adults, achieving click-through rates comparable to those of human hackers.
Seniors are among the most emotionally resonant demographics for policymakers and the public. When they’re targeted by scams, it gets attention and action. Presenting our findings to the broader cybersecurity community will help build defenses, influence regulation, and ultimately protect millions of at-risk individuals.
To maximize impact, we’re also collaborating with a Pulitzer Prize–winning journalist from a leading news outlet, who is writing a feature story based on our work. Their reporting will help bring our findings to the public and decision-makers through a compelling, accessible narrative.
We are currently unable to use institutional funds from the Harvard Kennedy School due to significant university-wide funding restrictions, driven by political pressure on academic institutions. This microgrant would enable us to share our urgent and timely research with the people who need to hear it.
What are this project's goals? How will you achieve them?
We aim to utilize our research to raise awareness about AI-enabled scams targeting seniors and build momentum for both technical defenses and policy responses.
How we’ll achieve our goals:
Present at BSides Las Vegas: Share our findings directly with leading cybersecurity professionals, journalists, and policymakers.
Engage policymakers through emotion and data: Seniors are not just victims, they are parents, grandparents, and constituents. By showing how easily AI can deceive them, we reach the hearts and priorities of decision-makers.
Showcase defensive tools: Demo early prototypes of personalized spam filters and AI-powered training tools for older adults.
Continue research on cognitive vulnerability: Test which training methods help seniors resist personalized scam messages and refine our models accordingly.
How will this funding be used?
How will this funding be used?
Travel and lodging for both of us to attend BSides Las Vegas, where we’ve been invited to present two accepted talks on our research.
Tickets to DEF CON to further share our findings and connect with adjacent hacker and policy communities
Design of demo materials and audience handouts
In-person networking with cybersecurity researchers, industry leaders, and journalists
Outreach to policymakers and public sector partners attending both conferences
We see this microgrant as a catalyst: it enables critical real-world engagement that accelerates impact and lays the groundwork for further collaboration and support.
We expect this funding to cover a portion of these activities, with the primary focus on enabling conference participation to share our findings with the broader cybersecurity community. Any additional research work will be scaled based on available resources.
Who is on your team? What's your track record on similar projects?
Fred Heiding
Research Fellow at Harvard Kennedy School’s Belfer Center (Defense, Emerging Technology, and Strategy)
Leads research on AI-powered phishing, cybersecurity strategy and cyber policy
Co-author of “Evaluating Large Language Models’ Capability to Launch Fully Automated Spear Phishing Campaigns” (arXiv:2412.00586)
Simon Lermen
Independent AI safety researcher doing MATS summer 2025
Author of “LoRA Fine-tuning Efficiently Undoes Safety Training in Llama 2-Chat 70B”
Focuses on language model vulnerabilities, agent behavior, and AI misuse
Co-author of “Evaluating Large Language Models’ Capability to Launch Fully Automated Spear Phishing Campaigns” (arXiv:2412.00586)
What are the most likely causes and outcomes if this project fails?
What are the most likely causes and outcomes if this project fails?
Inability to attend BSides, DEF CON, and other conferences:
Without funding, we won’t be able to travel and present our work in person. This would sharply limit our ability to engage with the cybersecurity community, policymakers, and funders, diminishing the impact and reach of our research.Missed opportunity to reach key political audiences:
These conferences are rare venues where we can connect with senior and more conservative policymakers in a setting where AI risks to seniors resonate deeply. Losing this channel would reduce the emotional and strategic traction of our message.Loss of media momentum:
Our planned feature story with a Pulitzer Prize–winning journalist hinges on a timely, in-person presentation of our work. Missing the event may jeopardize this coverage and the broader awareness it could generate.Reduced chances of future collaboration and follow-on funding:
Events like BSides and DEF CON are critical hubs for forming long-term research and industry partnerships. Without attending, we risk missing connections that could lead to future grants, deployments, or policy pilots.
How much money have you raised in the last 12 months, and from where?
We have not yet raised any funding for this specific project. This would be our first external support for taking this research to the public.
donated $3,500
🐢
Fred Heiding
6 days ago
Thanks so much Neel, we really appreciate it!
BSides will record the talk, so I'll share it with you after our session. We may reach out later to clarify what additional work we could do for the full $5000, but this is a perfect start!
Best,
Fred